The SimpliCompliance Podcast

By Craig Willard

The SimpliCompliance podcast provides direct discussion from experts to simplify compliance for IT and business leaders. If you feel compliance is too complicated and need someone to lay it out clearly, this podcast will help. We also discuss technology and security strategies, tips, and trends, all focused on making life easier for busy business leaders. Our moderator, Craig Willard, is a CMMC-AB Registered Practitioner with 15+ years of senior leadership experience in a Fortune 100 company. Join in as we SIMPLIFY the compliance conversation! Everything from HIPAA and NIST 800-171 to CMMC.

CMMC - Are You Using The Correct Assessment Guide for 800-171?

In this episode, Craig Willard, CMMC-AB Registered Practitioner, and Nick Landers, CMO at SimplifIT, a CMMC-AB Registered Provider Organization, discuss and clarify the confusion surrounding the correct guides to utilize when assessing your organization for 800-171.

The interim rule requires all DIBs who store, process, create, and/or transmit CUI (252.204.7012) to complete a current assessment of 800-171. DIBs are also required to create an SSP and POA&M, along with grading and uploading their assessment to SPRS. It is CRITICAL the DIB is utilizing the correct assessment guide.

Find out here if your guide is the correct one.  

You can find our Podcast here:

Radio Public https://radiopublic.com/the-simplicompliance-podcast-WR122e
PocketCasts https://pca.st/ox4pn15m
Spotify https://open.spotify.com/show/5fo9zaA4X12cWPxe2GzU6F
Apple Podcast https://podcasts.apple.com/us/podcast/the-simplicompliance-podcast/id1562908018
Anchor FM https://anchor.fm/simplicompliancepodcast
Google Podcast https://www.google.com/podcasts?feed=aHR0cHM6Ly9hbmNob3IuZm0vcy80ZWVmZWJiYy9wb2RjYXN0L3Jzcw==

If you need help with your CMMC Compliance, reach out to us:  

www.WeSimplifIT.com 

502-783-6630

Jun 09, 2021 08:28
CMMC - Interview with Retired Navy Cryptologist Vincent Scott

Craig Willard, CMMC-AB Registered Practitioner, and Vincent Scott, retired Navy Cryptologist and serial entrepreneur, talk through a few topics within the CMMC space.

Vincent Scott currently serves as the CEO of Defense Cybersecurity Group, a cyber consulting company focused on the new DoD Cyber requirements for the Defense Industrial Base, where he brings the cyber offensive mindset of his Navy career to cyber defense for US companies.

Questions Discussed:

  • What is a CYBER OFFENSE mindset?
  • If I Meet All Of The 800-171 Requirements... Is My Company Safe?
  • Should DoD Contractors Use the MEP Guide For 800-171 Self Assessments?
  • How Powerful Is The SPRS Score From The 800-171 Self Assessment?
  • What Challenges are DIBs Currently Experiencing?
  • How Can DIBs Handle The Expense Perspective of Compliance?
  • What Should DIBs Not Do While Implementing Their Security Requirements?


You can find our Podcast here:

Radio Public https://radiopublic.com/the-simplicompliance-podcast-WR122e
PocketCasts https://pca.st/ox4pn15m
Spotify https://open.spotify.com/show/5fo9zaA4X12cWPxe2GzU6F
Apple Podcast https://podcasts.apple.com/us/podcast/the-simplicompliance-podcast/id1562908018
Anchor FM https://anchor.fm/simplicompliancepodcast
Google Podcast https://www.google.com/podcasts?feed=aHR0cHM6Ly9hbmNob3IuZm0vcy80ZWVmZWJiYy9wb2RjYXN0L3Jzcw==


Vincent Scott Contact Info:

Vincent.Scott@cybersecgru.com
www.cybersecgru.com
https://www.linkedin.com/in/vincent-scott-cybersecurity/
https://www.linkedin.com/pulse/cmmc-challenge-documentation-vincent-scott
https://www.linkedin.com/pulse/when-encryption-enough-vincent-scott/
https://www.linkedin.com/pulse/1-problem-cybersecurity-truth-you-dont-want-know-vincent-scott/

If you need help with your CMMC Compliance, reach out to us:

www.WeSimplifIT.com

502-783-6630

Jun 02, 2021 33:58
HIPAA Compliance Solutions - How Breach Secure Now Can Help You Simplify HIPAA Compliance

In this episode, Craig Willard, CMMC-AB Registered Practitioner, and Art Gross discuss simplifying HIPAA Compliance with Breach Secure Now. We also talk about the need for healthcare to additionally focus on cybersecurity and the protection of Cyber Liability Insurance!


Breach Secure Now Contact Info:

https://www.breachsecurenow.com

Inskyber Insurance Contact Info:

https://inskyber.com/

If you need help with your HIPAA compliance, reach out to us:

www.WeSimplifIT.com

502-783-6630

May 20, 2021 35:37
CMMC - Interview with FedRAMP Author and Architect, Dave Fairburn

In this episode, Craig Willard, CMMC-AB Registered Practitioner, and Dave Fairburn, nationally known as the architect and author of the Federal Risk Authorization and Management Program (FedRAMP), talk about many enlightening topics regarding CMMC.

Questions:

• How did you become the Author and Architect of FedRAMP?

• With an increasing level of vendors offering CUI cloud storage that meets CMMC requirements, how can a contractor quiet the noise and pick a vendor that will be able to truly meet 800-171/CMMC requirements for storing CUI?

• If an OSC is seeking ML-1, even though documentation is not required, what are you, as a provisional Assessor, expecting to see documented in order to certify the OSC as ML-1?

• I’ve heard that the CMMC-AB is designating assessor data as CUI. Along that same vein, if an OSC is seeking ML-3 and they store validating documentation needed for the assessor in DropBox or any other non-7012-compliant solutions, would that also need to be considered CUI and stored within an environment meeting 7012 requirements?

• For ML-3, is data such as system vulnerability scans, user names, and associated privileged levels considered CUI?

• System vulnerabilities are noted in the archives as CUI; however, I’m hearing others say a contractor's system vulnerabilities on their CUI infrastructure are not CUI.

Dave Fairburn Contact Info:  

Dave.Fairburn@CyberPros.us
https://www.CyberPros.us
https://www.linkedin.com/in/dave-fairburn-cissp-pmp-cmmc-pa-cmmc-rp-93b87717/

If you need help with your CMMC Compliance, reach out to us:

www.WeSimplifIT.com
502-783-6630

Apr 19, 2021 51:00
CMMC - What should DoD contractors be doing right now?

In this episode, Craig Willard, CMMC-AB Registered Practitioner, and Nick Landers, CMO at SimplifIT, a CMMC-AB Registered Provider Organization, discuss what Department of Defense contractors should be doing regarding cybersecurity compliance right now.

If you need help with your CMMC Compliance, reach out to us:

www.WeSimplifIT.com
502-783-6630

Apr 13, 2021 19:11
CMMC - The Current State of Cybersecurity in the DoD Contracting Space

In this episode, Craig Willard, CMMC-AB Registered Practitioner, and Nick Landers, CMO at SimplifIT, a CMMC-AB Registered Provider Organization, discuss the state of cybersecurity in the Department of Defense contracting space.


If you need help with your CMMC Compliance, reach out to us:

www.WeSimplifIT.com
502-783-6630

Apr 13, 2021 20:18